Re: [PATCH] btrfs: validate ROOT_BACKREF name before copying subvolume info

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Zhang Cen <rollkingzzc@gmail.com>
To: Qu Wenruo <wqu@suse.com>
Cc: Chris Mason <clm@fb.com>, David Sterba <dsterba@suse.com>,
	linux-btrfs@vger.kernel.org, zerocling0077@gmail.com,
	2045gemini@gmail.com, Zhang Cen <rollkingzzc@gmail.com>
Subject: Re: [PATCH] btrfs: validate ROOT_BACKREF name before copying subvolume info
Date: Sun, 10 May 2026 22:37:37 +0800	[thread overview]
Message-ID: <20260510143737.3710790-1-rollkingzzc@gmail.com> (raw)
In-Reply-To: <qu-root-backref-20260510-161800@local>

On Sun, May 10, 2026 at 04:18:00PM +0800, Qu Wenruo wrote:
> The validation is too late.
> 
> btrfs subvolume creation only accept BTRFS_SUBVOL_NAME_MAX + 1 (for the
> terminating \0).
> 
> This means a subvolume ref/backref should not have a name longer than
> BTRFS_SUBVOL_NAME_MAX in the first place.
> 
> Such independent checks should all be done inside tree-checker.

Agreed, thanks for the review.

I'll move the on-disk ROOT_REF/ROOT_BACKREF validation into tree-checker
for v2 and cover both key types there. The v2 change will reject items
smaller than struct btrfs_root_ref, reject records where name_len does not
match the item payload, and reject names longer than BTRFS_SUBVOL_NAME_MAX.

I'll keep the BTRFS_IOC_GET_SUBVOL_INFO-side BTRFS_VOL_NAME_MAX check only
as the local guard for its fixed-size UAPI output buffer before copying the
already validated name.

Thanks,
Zhang

next prev parent reply	other threads:[~2026-05-10 14:38 UTC|newest]

Thread overview: 7+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2026-05-10  7:49 [PATCH] btrfs: validate ROOT_BACKREF name before copying subvolume info Zhang Cen
2026-05-10  8:18 ` Qu Wenruo
     [not found] ` <qu-root-backref-20260510-161800@local>
2026-05-10 14:37   ` Zhang Cen [this message]
2026-05-10 14:42 ` [PATCH v2] btrfs: validate root ref names in tree-checker Zhang Cen
2026-05-10 14:46   ` Cen Zhang
2026-05-10 15:03 ` [PATCH v3] " Zhang Cen
2026-05-10 22:12   ` Qu Wenruo

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20260510143737.3710790-1-rollkingzzc@gmail.com \
    --to=rollkingzzc@gmail.com \
    --cc=2045gemini@gmail.com \
    --cc=clm@fb.com \
    --cc=dsterba@suse.com \
    --cc=linux-btrfs@vger.kernel.org \
    --cc=wqu@suse.com \
    --cc=zerocling0077@gmail.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.